Total
3056 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-1002 | 1 Microsoft | 12 Forefront Endpoint Protection 2010, Security Essentials, System Center Endpoint Protection and 9 more | 2021-09-09 | 6.6 MEDIUM | 7.1 HIGH |
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'. | |||||
CVE-2021-34535 | 1 Microsoft | 9 Remote Desktop, Windows 10, Windows 7 and 6 more | 2021-08-23 | 6.8 MEDIUM | 8.8 HIGH |
Remote Desktop Client Remote Code Execution Vulnerability | |||||
CVE-2021-34533 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-23 | 6.8 MEDIUM | 7.8 HIGH |
Windows Graphics Component Font Parsing Remote Code Execution Vulnerability | |||||
CVE-2021-34484 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-23 | 4.6 MEDIUM | 7.8 HIGH |
Windows User Profile Service Elevation of Privilege Vulnerability | |||||
CVE-2021-34483 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-23 | 4.6 MEDIUM | 7.8 HIGH |
Windows Print Spooler Elevation of Privilege Vulnerability | |||||
CVE-2021-36927 | 1 Microsoft | 5 Windows 7, Windows 8.1, Windows Rt 8.1 and 2 more | 2021-08-20 | 4.6 MEDIUM | 7.8 HIGH |
Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability | |||||
CVE-2021-36932 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-20 | 5.0 MEDIUM | 7.5 HIGH |
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26433, CVE-2021-36926, CVE-2021-36933. | |||||
CVE-2021-36936 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-20 | 7.5 HIGH | 9.8 CRITICAL |
Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36947, CVE-2021-36958. | |||||
CVE-2021-36937 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-20 | 6.8 MEDIUM | 7.8 HIGH |
Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability | |||||
CVE-2021-36947 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-20 | 6.5 MEDIUM | 8.8 HIGH |
Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36936, CVE-2021-36958. | |||||
CVE-2021-34537 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-20 | 5.2 MEDIUM | 8.0 HIGH |
Windows Bluetooth Driver Elevation of Privilege Vulnerability | |||||
CVE-2021-26424 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-20 | 6.8 MEDIUM | 9.8 CRITICAL |
Windows TCP/IP Remote Code Execution Vulnerability | |||||
CVE-2018-3639 | 12 Arm, Canonical, Debian and 9 more | 321 Cortex-a, Ubuntu Linux, Debian Linux and 318 more | 2021-08-13 | 2.1 LOW | 5.5 MEDIUM |
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | |||||
CVE-2018-0786 | 1 Microsoft | 10 .net Core, .net Framework, Powershell Core and 7 more | 2021-08-12 | 5.0 MEDIUM | 7.5 HIGH |
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability." | |||||
CVE-2018-0764 | 1 Microsoft | 10 .net Core, .net Framework, Powershell Core and 7 more | 2021-08-12 | 5.0 MEDIUM | 7.5 HIGH |
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CVE-2018-0765. | |||||
CVE-2021-34481 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-09 | 4.6 MEDIUM | 7.8 HIGH |
Windows Print Spooler Elevation of Privilege Vulnerability | |||||
CVE-2016-3376 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2021-08-05 | 9.3 HIGH | 7.8 HIGH |
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." a different vulnerability than CVE-2016-3266, CVE-2016-7185, and CVE-2016-7211. | |||||
CVE-2012-1882 | 1 Microsoft | 7 Internet Explorer, Windows 2003 Server, Windows 7 and 4 more | 2021-07-23 | 4.3 MEDIUM | N/A |
Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerability." | |||||
CVE-2012-1881 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2021-07-23 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability." | |||||
CVE-2012-1880 | 1 Microsoft | 7 Internet Explorer, Windows 2003 Server, Windows 7 and 4 more | 2021-07-23 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability." |